aws-sdk-securityhub 1.119.0 → 1.121.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +139 -53
- data/lib/aws-sdk-securityhub/types.rb +55 -56
- data/lib/aws-sdk-securityhub.rb +3 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c3634ad59a35b3c3b369192d2feaee6fbf73f541b83045a132032a5d2e04c06d
|
4
|
+
data.tar.gz: 9327d2f928e0ad5c480b32f05934097eaa28af504d803afa560040eeb272609d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9b765a3b0fb170a39a814ade3ac5f2b683316e0b0945a6087d087acb0edc0e0b5230209cf3ebadd4730cb50a720d067851bd256131d33ee560710bde004d3fbe
|
7
|
+
data.tar.gz: ffa90991ab202eca8e09744eadf3a3ccea17652e9f831729ab2ae57305f97c90174d462a19022d63c007e6850f3c1ae52a3855d6dc1f4487c51afb5f26d0658a
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.121.0 (2024-09-27)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Documentation updates for AWS Security Hub
|
8
|
+
|
9
|
+
1.120.0 (2024-09-24)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
13
|
+
|
4
14
|
1.119.0 (2024-09-23)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.121.0
|
@@ -36,8 +36,6 @@ require 'aws-sdk-core/plugins/telemetry.rb'
|
|
36
36
|
require 'aws-sdk-core/plugins/sign.rb'
|
37
37
|
require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
38
38
|
|
39
|
-
Aws::Plugins::GlobalConfiguration.add_identifier(:securityhub)
|
40
|
-
|
41
39
|
module Aws::SecurityHub
|
42
40
|
# An API client for SecurityHub. To construct a client, you need to configure a `:region` and `:credentials`.
|
43
41
|
#
|
@@ -449,6 +447,13 @@ module Aws::SecurityHub
|
|
449
447
|
|
450
448
|
# @!group API Operations
|
451
449
|
|
450
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
451
|
+
# to manage your member accounts. For information, see [Managing
|
452
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
453
|
+
# in the *Security Hub User Guide*.
|
454
|
+
#
|
455
|
+
# </note>
|
456
|
+
#
|
452
457
|
# Accepts the invitation to be a member account and be monitored by the
|
453
458
|
# Security Hub administrator account that the invitation was sent from.
|
454
459
|
#
|
@@ -459,6 +464,10 @@ module Aws::SecurityHub
|
|
459
464
|
# to the administrator account to view findings generated in the member
|
460
465
|
# account.
|
461
466
|
#
|
467
|
+
#
|
468
|
+
#
|
469
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
470
|
+
#
|
462
471
|
# @option params [required, String] :administrator_id
|
463
472
|
# The account ID of the Security Hub administrator account that sent the
|
464
473
|
# invitation.
|
@@ -1857,7 +1866,7 @@ module Aws::SecurityHub
|
|
1857
1866
|
# account and their member accounts. Member accounts can update findings
|
1858
1867
|
# for their account.
|
1859
1868
|
#
|
1860
|
-
# Updates from `BatchUpdateFindings`
|
1869
|
+
# Updates from `BatchUpdateFindings` don't affect the value of
|
1861
1870
|
# `UpdatedAt` for a finding.
|
1862
1871
|
#
|
1863
1872
|
# Administrator and member accounts can use `BatchUpdateFindings` to
|
@@ -2850,11 +2859,16 @@ module Aws::SecurityHub
|
|
2850
2859
|
req.send_request(options)
|
2851
2860
|
end
|
2852
2861
|
|
2853
|
-
#
|
2854
|
-
# aggregation Region.
|
2862
|
+
# <note markdown="1"> The *aggregation Region* is now called the *home Region*.
|
2855
2863
|
#
|
2856
|
-
#
|
2857
|
-
#
|
2864
|
+
# </note>
|
2865
|
+
#
|
2866
|
+
# Used to enable cross-Region aggregation. This operation can be invoked
|
2867
|
+
# from the home Region only.
|
2868
|
+
#
|
2869
|
+
# For information about how cross-Region aggregation works, see
|
2870
|
+
# [Understanding cross-Region aggregation in Security Hub][1] in the
|
2871
|
+
# *Security Hub User Guide*.
|
2858
2872
|
#
|
2859
2873
|
#
|
2860
2874
|
#
|
@@ -2891,12 +2905,12 @@ module Aws::SecurityHub
|
|
2891
2905
|
#
|
2892
2906
|
# @option params [Array<String>] :regions
|
2893
2907
|
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
|
2894
|
-
# a space-separated list of Regions that
|
2895
|
-
# the
|
2908
|
+
# a space-separated list of Regions that don't replicate and send
|
2909
|
+
# findings to the home Region.
|
2896
2910
|
#
|
2897
2911
|
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
2898
|
-
# space-separated list of Regions that do
|
2899
|
-
#
|
2912
|
+
# space-separated list of Regions that do replicate and send findings to
|
2913
|
+
# the home Region.
|
2900
2914
|
#
|
2901
2915
|
# An `InvalidInputException` error results if you populate this field
|
2902
2916
|
# while `RegionLinkingMode` is `NO_REGIONS`.
|
@@ -3754,7 +3768,7 @@ module Aws::SecurityHub
|
|
3754
3768
|
# owner accepts the invitation, the account becomes a member account in
|
3755
3769
|
# Security Hub.
|
3756
3770
|
#
|
3757
|
-
# Accounts that are managed using Organizations
|
3771
|
+
# Accounts that are managed using Organizations don't receive an
|
3758
3772
|
# invitation. They automatically become a member account in Security
|
3759
3773
|
# Hub.
|
3760
3774
|
#
|
@@ -3834,13 +3848,25 @@ module Aws::SecurityHub
|
|
3834
3848
|
req.send_request(options)
|
3835
3849
|
end
|
3836
3850
|
|
3837
|
-
#
|
3851
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
3852
|
+
# to manage your member accounts. For information, see [Managing
|
3853
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
3854
|
+
# in the *Security Hub User Guide*.
|
3855
|
+
#
|
3856
|
+
# </note>
|
3857
|
+
#
|
3858
|
+
# Declines invitations to become a Security Hub member account.
|
3838
3859
|
#
|
3839
3860
|
# A prospective member account uses this operation to decline an
|
3840
3861
|
# invitation to become a member.
|
3841
3862
|
#
|
3842
|
-
#
|
3843
|
-
#
|
3863
|
+
# Only member accounts that aren't part of an Amazon Web Services
|
3864
|
+
# organization should use this operation. Organization accounts don't
|
3865
|
+
# receive invitations.
|
3866
|
+
#
|
3867
|
+
#
|
3868
|
+
#
|
3869
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
3844
3870
|
#
|
3845
3871
|
# @option params [required, Array<String>] :account_ids
|
3846
3872
|
# The list of prospective member account IDs for which to decline an
|
@@ -3974,13 +4000,18 @@ module Aws::SecurityHub
|
|
3974
4000
|
req.send_request(options)
|
3975
4001
|
end
|
3976
4002
|
|
4003
|
+
# <note markdown="1"> The *aggregation Region* is now called the *home Region*.
|
4004
|
+
#
|
4005
|
+
# </note>
|
4006
|
+
#
|
3977
4007
|
# Deletes a finding aggregator. When you delete the finding aggregator,
|
3978
|
-
# you stop
|
4008
|
+
# you stop cross-Region aggregation. Finding replication stops occurring
|
4009
|
+
# from the linked Regions to the home Region.
|
3979
4010
|
#
|
3980
|
-
# When you stop
|
3981
|
-
#
|
3982
|
-
#
|
3983
|
-
#
|
4011
|
+
# When you stop cross-Region aggregation, findings that were already
|
4012
|
+
# replicated and sent to the home Region are still visible from the home
|
4013
|
+
# Region. However, new findings and finding updates are no longer
|
4014
|
+
# replicated and sent to the home Region.
|
3984
4015
|
#
|
3985
4016
|
# @option params [required, String] :finding_aggregator_arn
|
3986
4017
|
# The ARN of the finding aggregator to delete. To obtain the ARN, use
|
@@ -4055,15 +4086,26 @@ module Aws::SecurityHub
|
|
4055
4086
|
req.send_request(options)
|
4056
4087
|
end
|
4057
4088
|
|
4058
|
-
#
|
4059
|
-
#
|
4089
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
4090
|
+
# to manage your member accounts. For information, see [Managing
|
4091
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
4092
|
+
# in the *Security Hub User Guide*.
|
4093
|
+
#
|
4094
|
+
# </note>
|
4095
|
+
#
|
4096
|
+
# Deletes invitations to become a Security Hub member account.
|
4060
4097
|
#
|
4061
4098
|
# A Security Hub administrator account can use this operation to delete
|
4062
|
-
# invitations sent to one or more member accounts.
|
4099
|
+
# invitations sent to one or more prospective member accounts.
|
4063
4100
|
#
|
4064
4101
|
# This operation is only used to delete invitations that are sent to
|
4065
|
-
# member accounts that aren't part of an
|
4066
|
-
# accounts don't receive
|
4102
|
+
# prospective member accounts that aren't part of an Amazon Web
|
4103
|
+
# Services organization. Organization accounts don't receive
|
4104
|
+
# invitations.
|
4105
|
+
#
|
4106
|
+
#
|
4107
|
+
#
|
4108
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
4067
4109
|
#
|
4068
4110
|
# @option params [required, Array<String>] :account_ids
|
4069
4111
|
# The list of member account IDs that received the invitations you want
|
@@ -4347,7 +4389,7 @@ module Aws::SecurityHub
|
|
4347
4389
|
# You can optionally provide an integration ARN. If you provide an
|
4348
4390
|
# integration ARN, then the results only include that integration.
|
4349
4391
|
#
|
4350
|
-
# If you
|
4392
|
+
# If you don't provide an integration ARN, then the results include all
|
4351
4393
|
# of the available product integrations.
|
4352
4394
|
#
|
4353
4395
|
# @option params [String] :next_token
|
@@ -4954,7 +4996,7 @@ module Aws::SecurityHub
|
|
4954
4996
|
#
|
4955
4997
|
# @option params [Boolean] :enable_default_standards
|
4956
4998
|
# Whether to enable the security standards that Security Hub has
|
4957
|
-
# designated as automatically enabled. If you
|
4999
|
+
# designated as automatically enabled. If you don't provide a value for
|
4958
5000
|
# `EnableDefaultStandards`, it is set to `true`. To not enable the
|
4959
5001
|
# automatically enabled standards, set `EnableDefaultStandards` to
|
4960
5002
|
# `false`.
|
@@ -5314,7 +5356,13 @@ module Aws::SecurityHub
|
|
5314
5356
|
req.send_request(options)
|
5315
5357
|
end
|
5316
5358
|
|
5317
|
-
#
|
5359
|
+
# <note markdown="1"> The *aggregation Region* is now called the *home Region*.
|
5360
|
+
#
|
5361
|
+
# </note>
|
5362
|
+
#
|
5363
|
+
# Returns the current configuration in the calling account for
|
5364
|
+
# cross-Region aggregation. A finding aggregator is a resource that
|
5365
|
+
# establishes the home Region and any linked Regions.
|
5318
5366
|
#
|
5319
5367
|
# @option params [required, String] :finding_aggregator_arn
|
5320
5368
|
# The ARN of the finding aggregator to return details for. To obtain the
|
@@ -5552,9 +5600,9 @@ module Aws::SecurityHub
|
|
5552
5600
|
|
5553
5601
|
# Returns a list of findings that match the specified criteria.
|
5554
5602
|
#
|
5555
|
-
# If
|
5556
|
-
# from the
|
5557
|
-
# findings from both the
|
5603
|
+
# If cross-Region aggregation is enabled, then when you call
|
5604
|
+
# `GetFindings` from the home Region, the results include all of the
|
5605
|
+
# matching findings from both the home Region and linked Regions.
|
5558
5606
|
#
|
5559
5607
|
# @option params [Types::AwsSecurityFindingFilters] :filters
|
5560
5608
|
# The finding attributes used to define a condition to filter the
|
@@ -6478,7 +6526,7 @@ module Aws::SecurityHub
|
|
6478
6526
|
# Lists and describes insights for the specified insight ARNs.
|
6479
6527
|
#
|
6480
6528
|
# @option params [Array<String>] :insight_arns
|
6481
|
-
# The ARNs of the insights to describe. If you
|
6529
|
+
# The ARNs of the insights to describe. If you don't provide any
|
6482
6530
|
# insight ARNs, then `GetInsights` returns all of your custom insights.
|
6483
6531
|
# It does not return any managed insights.
|
6484
6532
|
#
|
@@ -6921,10 +6969,21 @@ module Aws::SecurityHub
|
|
6921
6969
|
req.send_request(options)
|
6922
6970
|
end
|
6923
6971
|
|
6972
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
6973
|
+
# to manage your member accounts. For information, see [Managing
|
6974
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
6975
|
+
# in the *Security Hub User Guide*.
|
6976
|
+
#
|
6977
|
+
# </note>
|
6978
|
+
#
|
6924
6979
|
# Returns the count of all Security Hub membership invitations that were
|
6925
|
-
# sent to the
|
6980
|
+
# sent to the calling member account, not including the currently
|
6926
6981
|
# accepted invitation.
|
6927
6982
|
#
|
6983
|
+
#
|
6984
|
+
#
|
6985
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
6986
|
+
#
|
6928
6987
|
# @return [Types::GetInvitationsCountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
6929
6988
|
#
|
6930
6989
|
# * {Types::GetInvitationsCountResponse#invitations_count #invitations_count} => Integer
|
@@ -7178,12 +7237,20 @@ module Aws::SecurityHub
|
|
7178
7237
|
req.send_request(options)
|
7179
7238
|
end
|
7180
7239
|
|
7240
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
7241
|
+
# to manage your member accounts. For information, see [Managing
|
7242
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
7243
|
+
# in the *Security Hub User Guide*.
|
7244
|
+
#
|
7245
|
+
# </note>
|
7246
|
+
#
|
7181
7247
|
# Invites other Amazon Web Services accounts to become member accounts
|
7182
7248
|
# for the Security Hub administrator account that the invitation is sent
|
7183
7249
|
# from.
|
7184
7250
|
#
|
7185
|
-
# This operation is only used to invite accounts that
|
7186
|
-
# an organization. Organization accounts
|
7251
|
+
# This operation is only used to invite accounts that don't belong to
|
7252
|
+
# an Amazon Web Services organization. Organization accounts don't
|
7253
|
+
# receive invitations.
|
7187
7254
|
#
|
7188
7255
|
# Before you can use this action to invite a member, you must first use
|
7189
7256
|
# the `CreateMembers` action to create the member account in Security
|
@@ -7191,7 +7258,11 @@ module Aws::SecurityHub
|
|
7191
7258
|
#
|
7192
7259
|
# When the account owner enables Security Hub and accepts the invitation
|
7193
7260
|
# to become a member account, the administrator account can view the
|
7194
|
-
# findings generated
|
7261
|
+
# findings generated in the member account.
|
7262
|
+
#
|
7263
|
+
#
|
7264
|
+
#
|
7265
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
7195
7266
|
#
|
7196
7267
|
# @option params [required, Array<String>] :account_ids
|
7197
7268
|
# The list of account IDs of the Amazon Web Services accounts to invite
|
@@ -7566,9 +7637,9 @@ module Aws::SecurityHub
|
|
7566
7637
|
req.send_request(options)
|
7567
7638
|
end
|
7568
7639
|
|
7569
|
-
# If
|
7570
|
-
# returns the ARN of the finding aggregator. You
|
7571
|
-
# from any Region.
|
7640
|
+
# If cross-Region aggregation is enabled, then `ListFindingAggregators`
|
7641
|
+
# returns the Amazon Resource Name (ARN) of the finding aggregator. You
|
7642
|
+
# can run this operation from any Amazon Web Services Region.
|
7572
7643
|
#
|
7573
7644
|
# @option params [String] :next_token
|
7574
7645
|
# The token returned with the previous set of results. Identifies the
|
@@ -7624,12 +7695,23 @@ module Aws::SecurityHub
|
|
7624
7695
|
req.send_request(options)
|
7625
7696
|
end
|
7626
7697
|
|
7698
|
+
# <note markdown="1"> We recommend using Organizations instead of Security Hub invitations
|
7699
|
+
# to manage your member accounts. For information, see [Managing
|
7700
|
+
# Security Hub administrator and member accounts with Organizations][1]
|
7701
|
+
# in the *Security Hub User Guide*.
|
7702
|
+
#
|
7703
|
+
# </note>
|
7704
|
+
#
|
7627
7705
|
# Lists all Security Hub membership invitations that were sent to the
|
7628
|
-
#
|
7706
|
+
# calling account.
|
7707
|
+
#
|
7708
|
+
# Only accounts that are managed by invitation can use this operation.
|
7709
|
+
# Accounts that are managed using the integration with Organizations
|
7710
|
+
# don't receive invitations.
|
7629
7711
|
#
|
7630
|
-
#
|
7631
|
-
#
|
7632
|
-
#
|
7712
|
+
#
|
7713
|
+
#
|
7714
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html
|
7633
7715
|
#
|
7634
7716
|
# @option params [Integer] :max_results
|
7635
7717
|
# The maximum number of items to return in the response.
|
@@ -8596,12 +8678,16 @@ module Aws::SecurityHub
|
|
8596
8678
|
req.send_request(options)
|
8597
8679
|
end
|
8598
8680
|
|
8599
|
-
#
|
8600
|
-
# Region linking mode and the list of included or excluded Regions. You
|
8601
|
-
# cannot use `UpdateFindingAggregator` to change the aggregation Region.
|
8681
|
+
# <note markdown="1"> The *aggregation Region* is now called the *home Region*.
|
8602
8682
|
#
|
8603
|
-
#
|
8604
|
-
#
|
8683
|
+
# </note>
|
8684
|
+
#
|
8685
|
+
# Updates cross-Region aggregation settings. You can use this operation
|
8686
|
+
# to update the Region linking mode and the list of included or excluded
|
8687
|
+
# Amazon Web Services Regions. However, you can't use this operation to
|
8688
|
+
# change the home Region.
|
8689
|
+
#
|
8690
|
+
# You can invoke this operation from the current home Region only.
|
8605
8691
|
#
|
8606
8692
|
# @option params [required, String] :finding_aggregator_arn
|
8607
8693
|
# The ARN of the finding aggregator. To obtain the ARN, use
|
@@ -8638,12 +8724,12 @@ module Aws::SecurityHub
|
|
8638
8724
|
#
|
8639
8725
|
# @option params [Array<String>] :regions
|
8640
8726
|
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
|
8641
|
-
# a space-separated list of Regions that
|
8642
|
-
# the
|
8727
|
+
# a space-separated list of Regions that don't replicate and send
|
8728
|
+
# findings to the home Region.
|
8643
8729
|
#
|
8644
8730
|
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
8645
|
-
# space-separated list of Regions that do
|
8646
|
-
#
|
8731
|
+
# space-separated list of Regions that do replicate and send findings to
|
8732
|
+
# the home Region.
|
8647
8733
|
#
|
8648
8734
|
# An `InvalidInputException` error results if you populate this field
|
8649
8735
|
# while `RegionLinkingMode` is `NO_REGIONS`.
|
@@ -10462,7 +10548,7 @@ module Aws::SecurityHub
|
|
10462
10548
|
tracer: tracer
|
10463
10549
|
)
|
10464
10550
|
context[:gem_name] = 'aws-sdk-securityhub'
|
10465
|
-
context[:gem_version] = '1.
|
10551
|
+
context[:gem_version] = '1.121.0'
|
10466
10552
|
Seahorse::Client::Request.new(handlers, context)
|
10467
10553
|
end
|
10468
10554
|
|
@@ -425,18 +425,12 @@ module Aws::SecurityHub
|
|
425
425
|
include Aws::Structure
|
426
426
|
end
|
427
427
|
|
428
|
-
# One or more actions
|
429
|
-
# defined criteria of
|
428
|
+
# One or more actions that Security Hub takes when a finding matches the
|
429
|
+
# defined criteria of a rule.
|
430
430
|
#
|
431
431
|
# @!attribute [rw] type
|
432
|
-
# Specifies
|
433
|
-
#
|
434
|
-
# of namespace/category/classifier. For more information, see [Types
|
435
|
-
# taxonomy for ASFF][1] in the *Security Hub User Guide*.
|
436
|
-
#
|
437
|
-
#
|
438
|
-
#
|
439
|
-
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html
|
432
|
+
# Specifies the type of action that Security Hub takes when a finding
|
433
|
+
# matches the defined criteria of a rule.
|
440
434
|
# @return [String]
|
441
435
|
#
|
442
436
|
# @!attribute [rw] finding_fields_update
|
@@ -865,7 +859,7 @@ module Aws::SecurityHub
|
|
865
859
|
# The identifier for the given resource type. For Amazon Web Services
|
866
860
|
# resources that are identified by Amazon Resource Names (ARNs), this
|
867
861
|
# is the ARN. For Amazon Web Services resources that lack ARNs, this
|
868
|
-
# is the identifier as defined by the Amazon Web
|
862
|
+
# is the identifier as defined by the Amazon Web Services service that
|
869
863
|
# created the resource. For non-Amazon Web Services resources, this is
|
870
864
|
# a unique identifier that is associated with the resource.
|
871
865
|
#
|
@@ -3299,9 +3293,9 @@ module Aws::SecurityHub
|
|
3299
3293
|
# @!attribute [rw] lifecycle
|
3300
3294
|
# Defines when a protected resource is transitioned to cold storage
|
3301
3295
|
# and when it expires. Backup transitions and expires backups
|
3302
|
-
# automatically according to the lifecycle that you define. If you
|
3303
|
-
#
|
3304
|
-
# source backup to the destination backup.
|
3296
|
+
# automatically according to the lifecycle that you define. If you
|
3297
|
+
# don't specify a lifecycle, Backup applies the lifecycle policy of
|
3298
|
+
# the source backup to the destination backup.
|
3305
3299
|
#
|
3306
3300
|
# Backups transitioned to cold storage must be stored in cold storage
|
3307
3301
|
# for a minimum of 90 days.
|
@@ -3366,9 +3360,9 @@ module Aws::SecurityHub
|
|
3366
3360
|
# @!attribute [rw] lifecycle
|
3367
3361
|
# Defines when a protected resource is transitioned to cold storage
|
3368
3362
|
# and when it expires. Backup transitions and expires backups
|
3369
|
-
# automatically according to the lifecycle that you define. If you
|
3370
|
-
#
|
3371
|
-
# source backup to the destination backup.
|
3363
|
+
# automatically according to the lifecycle that you define. If you
|
3364
|
+
# don't specify a lifecycle, Backup applies the lifecycle policy of
|
3365
|
+
# the source backup to the destination backup.
|
3372
3366
|
#
|
3373
3367
|
# Backups transitioned to cold storage must be stored in cold storage
|
3374
3368
|
# for a minimum of 90 days.
|
@@ -3409,7 +3403,7 @@ module Aws::SecurityHub
|
|
3409
3403
|
# @!attribute [rw] encryption_key_arn
|
3410
3404
|
# The unique ARN associated with the server-side encryption key. You
|
3411
3405
|
# can specify a key to encrypt your backups from services that support
|
3412
|
-
# full Backup management. If you
|
3406
|
+
# full Backup management. If you don't specify a key, Backup creates
|
3413
3407
|
# an KMS key for you by default.
|
3414
3408
|
# @return [String]
|
3415
3409
|
#
|
@@ -10075,7 +10069,7 @@ module Aws::SecurityHub
|
|
10075
10069
|
# active container instance that meets all of the task placement
|
10076
10070
|
# constraints that are specified in the cluster. The service scheduler
|
10077
10071
|
# also evaluates the task placement constraints for running tasks and
|
10078
|
-
# stops tasks that
|
10072
|
+
# stops tasks that don't meet the placement constraints.
|
10079
10073
|
#
|
10080
10074
|
# Valid values: `REPLICA` \| `DAEMON`
|
10081
10075
|
# @return [String]
|
@@ -16283,7 +16277,7 @@ module Aws::SecurityHub
|
|
16283
16277
|
# **Oracle**
|
16284
16278
|
#
|
16285
16279
|
# Contains the Oracle System ID (SID) of the created DB instance. Not
|
16286
|
-
# shown when the returned parameters
|
16280
|
+
# shown when the returned parameters don't apply to an Oracle DB
|
16287
16281
|
# instance.
|
16288
16282
|
# @return [String]
|
16289
16283
|
#
|
@@ -20542,7 +20536,7 @@ module Aws::SecurityHub
|
|
20542
20536
|
# * `Compliance.Status` changes from `PASSED` to `FAILED`,
|
20543
20537
|
# `WARNING`, or `NOT_AVAILABLE`.
|
20544
20538
|
#
|
20545
|
-
# * `SUPPRESSED` - Indicates that you reviewed the finding and
|
20539
|
+
# * `SUPPRESSED` - Indicates that you reviewed the finding and don't
|
20546
20540
|
# believe that any action is needed.
|
20547
20541
|
#
|
20548
20542
|
# The workflow status of a `SUPPRESSED` finding does not change if
|
@@ -20647,7 +20641,7 @@ module Aws::SecurityHub
|
|
20647
20641
|
#
|
20648
20642
|
# @!attribute [rw] compliance_security_control_id
|
20649
20643
|
# The unique identifier of a control across standards. Values for this
|
20650
|
-
# field typically consist of an Amazon Web
|
20644
|
+
# field typically consist of an Amazon Web Services service and a
|
20651
20645
|
# number, such as APIGateway.5.
|
20652
20646
|
# @return [Array<Types::StringFilter>]
|
20653
20647
|
#
|
@@ -21887,7 +21881,7 @@ module Aws::SecurityHub
|
|
21887
21881
|
# counted.
|
21888
21882
|
#
|
21889
21883
|
# `ActivatedRule`\|`OverrideAction` applies only when updating or
|
21890
|
-
# adding a `RuleGroup` to a web ACL. In this case you
|
21884
|
+
# adding a `RuleGroup` to a web ACL. In this case you don't use
|
21891
21885
|
# `ActivatedRule` `Action`. For all other update requests,
|
21892
21886
|
# `ActivatedRule` `Action` is used instead of `ActivatedRule`
|
21893
21887
|
# `OverrideAction`.
|
@@ -21897,7 +21891,7 @@ module Aws::SecurityHub
|
|
21897
21891
|
# Specifies the order in which the rules in a web ACL are evaluated.
|
21898
21892
|
# Rules with a lower value for `Priority` are evaluated before rules
|
21899
21893
|
# with a higher value. The value must be a unique integer. If you add
|
21900
|
-
# multiple rules to a web ACL, the values
|
21894
|
+
# multiple rules to a web ACL, the values don't need to be
|
21901
21895
|
# consecutive.
|
21902
21896
|
# @return [Integer]
|
21903
21897
|
#
|
@@ -23160,7 +23154,7 @@ module Aws::SecurityHub
|
|
23160
23154
|
# @!attribute [rw] security_control_id
|
23161
23155
|
# Typically provides the unique identifier of a control across
|
23162
23156
|
# standards. For Security Hub controls, this field consists of an
|
23163
|
-
# Amazon Web
|
23157
|
+
# Amazon Web Services service and a unique number, such as
|
23164
23158
|
# `APIGateway.5`.
|
23165
23159
|
# @return [String]
|
23166
23160
|
#
|
@@ -23703,12 +23697,12 @@ module Aws::SecurityHub
|
|
23703
23697
|
#
|
23704
23698
|
# @!attribute [rw] regions
|
23705
23699
|
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this
|
23706
|
-
# is a space-separated list of Regions that
|
23707
|
-
# to the
|
23700
|
+
# is a space-separated list of Regions that don't replicate and send
|
23701
|
+
# findings to the home Region.
|
23708
23702
|
#
|
23709
23703
|
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
23710
|
-
# space-separated list of Regions that do
|
23711
|
-
#
|
23704
|
+
# space-separated list of Regions that do replicate and send findings
|
23705
|
+
# to the home Region.
|
23712
23706
|
#
|
23713
23707
|
# An `InvalidInputException` error results if you populate this field
|
23714
23708
|
# while `RegionLinkingMode` is `NO_REGIONS`.
|
@@ -23725,11 +23719,13 @@ module Aws::SecurityHub
|
|
23725
23719
|
|
23726
23720
|
# @!attribute [rw] finding_aggregator_arn
|
23727
23721
|
# The ARN of the finding aggregator. You use the finding aggregator
|
23728
|
-
# ARN to retrieve details for, update, and stop
|
23722
|
+
# ARN to retrieve details for, update, and stop cross-Region
|
23723
|
+
# aggregation.
|
23729
23724
|
# @return [String]
|
23730
23725
|
#
|
23731
23726
|
# @!attribute [rw] finding_aggregation_region
|
23732
|
-
# The
|
23727
|
+
# The home Region. Findings generated in linked Regions are replicated
|
23728
|
+
# and sent to the home Region.
|
23733
23729
|
# @return [String]
|
23734
23730
|
#
|
23735
23731
|
# @!attribute [rw] region_linking_mode
|
@@ -24655,7 +24651,7 @@ module Aws::SecurityHub
|
|
24655
24651
|
#
|
24656
24652
|
# @!attribute [rw] enable_default_standards
|
24657
24653
|
# Whether to enable the security standards that Security Hub has
|
24658
|
-
# designated as automatically enabled. If you
|
24654
|
+
# designated as automatically enabled. If you don't provide a value
|
24659
24655
|
# for `EnableDefaultStandards`, it is set to `true`. To not enable the
|
24660
24656
|
# automatically enabled standards, set `EnableDefaultStandards` to
|
24661
24657
|
# `false`.
|
@@ -24781,8 +24777,9 @@ module Aws::SecurityHub
|
|
24781
24777
|
include Aws::Structure
|
24782
24778
|
end
|
24783
24779
|
|
24784
|
-
# A finding aggregator
|
24785
|
-
#
|
24780
|
+
# A finding aggregator is a Security Hub resource that specifies
|
24781
|
+
# cross-Region aggregation settings, including the home Region and any
|
24782
|
+
# linked Regions.
|
24786
24783
|
#
|
24787
24784
|
# @!attribute [rw] finding_aggregator_arn
|
24788
24785
|
# The ARN of the finding aggregator. You use the finding aggregator
|
@@ -24839,7 +24836,7 @@ module Aws::SecurityHub
|
|
24839
24836
|
#
|
24840
24837
|
# @!attribute [rw] update_source
|
24841
24838
|
# Identifies the source of the event that changed the finding. For
|
24842
|
-
# example, an integrated Amazon Web
|
24839
|
+
# example, an integrated Amazon Web Services service or third-party
|
24843
24840
|
# partner integration may call [ `BatchImportFindings` ][1], or an
|
24844
24841
|
# Security Hub customer may call [ `BatchUpdateFindings` ][2].
|
24845
24842
|
#
|
@@ -24917,8 +24914,8 @@ module Aws::SecurityHub
|
|
24917
24914
|
#
|
24918
24915
|
# @!attribute [rw] type
|
24919
24916
|
# Describes the type of finding change event, such as a call to [
|
24920
|
-
# `BatchImportFindings` ][1] (by an integrated Amazon Web
|
24921
|
-
#
|
24917
|
+
# `BatchImportFindings` ][1] (by an integrated Amazon Web Services
|
24918
|
+
# service or third party partner integration) or [
|
24922
24919
|
# `BatchUpdateFindings` ][2] (by a Security Hub customer).
|
24923
24920
|
#
|
24924
24921
|
#
|
@@ -25442,7 +25439,8 @@ module Aws::SecurityHub
|
|
25442
25439
|
# @return [String]
|
25443
25440
|
#
|
25444
25441
|
# @!attribute [rw] finding_aggregation_region
|
25445
|
-
# The
|
25442
|
+
# The home Region. Findings generated in linked Regions are replicated
|
25443
|
+
# and sent to the home Region.
|
25446
25444
|
# @return [String]
|
25447
25445
|
#
|
25448
25446
|
# @!attribute [rw] region_linking_mode
|
@@ -25681,7 +25679,7 @@ module Aws::SecurityHub
|
|
25681
25679
|
end
|
25682
25680
|
|
25683
25681
|
# @!attribute [rw] insight_arns
|
25684
|
-
# The ARNs of the insights to describe. If you
|
25682
|
+
# The ARNs of the insights to describe. If you don't provide any
|
25685
25683
|
# insight ARNs, then `GetInsights` returns all of your custom
|
25686
25684
|
# insights. It does not return any managed insights.
|
25687
25685
|
# @return [Array<String>]
|
@@ -27637,8 +27635,8 @@ module Aws::SecurityHub
|
|
27637
27635
|
# @note Policy is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of Policy corresponding to the set member.
|
27638
27636
|
#
|
27639
27637
|
# @!attribute [rw] security_hub
|
27640
|
-
# The Amazon Web
|
27641
|
-
# to.
|
27638
|
+
# The Amazon Web Services service that the configuration policy
|
27639
|
+
# applies to.
|
27642
27640
|
# @return [Types::SecurityHubPolicy]
|
27643
27641
|
#
|
27644
27642
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Policy AWS API Documentation
|
@@ -28772,7 +28770,7 @@ module Aws::SecurityHub
|
|
28772
28770
|
# @return [String]
|
28773
28771
|
#
|
28774
28772
|
# @!attribute [rw] destination_prefix_list_id
|
28775
|
-
# The prefix of the destination Amazon Web
|
28773
|
+
# The prefix of the destination Amazon Web Services service.
|
28776
28774
|
# @return [String]
|
28777
28775
|
#
|
28778
28776
|
# @!attribute [rw] egress_only_internet_gateway_id
|
@@ -29287,7 +29285,7 @@ module Aws::SecurityHub
|
|
29287
29285
|
#
|
29288
29286
|
# @!attribute [rw] security_control_id
|
29289
29287
|
# The unique identifier of a security control across standards. Values
|
29290
|
-
# for this field typically consist of an Amazon Web
|
29288
|
+
# for this field typically consist of an Amazon Web Services service
|
29291
29289
|
# name and a number, such as APIGateway.3.
|
29292
29290
|
# @return [String]
|
29293
29291
|
#
|
@@ -29400,7 +29398,7 @@ module Aws::SecurityHub
|
|
29400
29398
|
#
|
29401
29399
|
# @!attribute [rw] security_control_id
|
29402
29400
|
# The unique identifier of a security control across standards. Values
|
29403
|
-
# for this field typically consist of an Amazon Web
|
29401
|
+
# for this field typically consist of an Amazon Web Services service
|
29404
29402
|
# name and a number (for example, APIGateway.3). This parameter
|
29405
29403
|
# differs from `SecurityControlArn`, which is a unique Amazon Resource
|
29406
29404
|
# Name (ARN) assigned to a control. The ARN references the security
|
@@ -29640,7 +29638,7 @@ module Aws::SecurityHub
|
|
29640
29638
|
# * `CRITICAL` - The issue must be remediated immediately to avoid it
|
29641
29639
|
# escalating.
|
29642
29640
|
#
|
29643
|
-
# If you provide `Normalized` and
|
29641
|
+
# If you provide `Normalized` and don't provide `Label`, then `Label`
|
29644
29642
|
# is set automatically as follows.
|
29645
29643
|
#
|
29646
29644
|
# * 0 - `INFORMATIONAL`
|
@@ -29660,7 +29658,7 @@ module Aws::SecurityHub
|
|
29660
29658
|
#
|
29661
29659
|
# The value of `Normalized` can be an integer between `0` and `100`.
|
29662
29660
|
#
|
29663
|
-
# If you provide `Label` and
|
29661
|
+
# If you provide `Label` and don't provide `Normalized`, then
|
29664
29662
|
# `Normalized` is set automatically as follows.
|
29665
29663
|
#
|
29666
29664
|
# * `INFORMATIONAL` - 0
|
@@ -29698,7 +29696,7 @@ module Aws::SecurityHub
|
|
29698
29696
|
# The normalized severity for the finding. This attribute is to be
|
29699
29697
|
# deprecated in favor of `Label`.
|
29700
29698
|
#
|
29701
|
-
# If you provide `Normalized` and
|
29699
|
+
# If you provide `Normalized` and don't provide `Label`, `Label` is
|
29702
29700
|
# set automatically as follows.
|
29703
29701
|
#
|
29704
29702
|
# * 0 - `INFORMATIONAL`
|
@@ -29947,7 +29945,7 @@ module Aws::SecurityHub
|
|
29947
29945
|
#
|
29948
29946
|
# @!attribute [rw] security_control_id
|
29949
29947
|
# The unique identifier of a security control across standards. Values
|
29950
|
-
# for this field typically consist of an Amazon Web
|
29948
|
+
# for this field typically consist of an Amazon Web Services service
|
29951
29949
|
# name and a number, such as APIGateway.3.
|
29952
29950
|
# @return [String]
|
29953
29951
|
#
|
@@ -30048,7 +30046,7 @@ module Aws::SecurityHub
|
|
30048
30046
|
#
|
30049
30047
|
# @!attribute [rw] security_control_id
|
30050
30048
|
# A unique standard-agnostic identifier for a control. Values for this
|
30051
|
-
# field typically consist of an Amazon Web
|
30049
|
+
# field typically consist of an Amazon Web Services service and a
|
30052
30050
|
# number, such as APIGateway.5. This field doesn't reference a
|
30053
30051
|
# specific standard.
|
30054
30052
|
# @return [String]
|
@@ -31156,12 +31154,12 @@ module Aws::SecurityHub
|
|
31156
31154
|
#
|
31157
31155
|
# @!attribute [rw] regions
|
31158
31156
|
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this
|
31159
|
-
# is a space-separated list of Regions that
|
31160
|
-
# to the
|
31157
|
+
# is a space-separated list of Regions that don't replicate and send
|
31158
|
+
# findings to the home Region.
|
31161
31159
|
#
|
31162
31160
|
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
31163
|
-
# space-separated list of Regions that do
|
31164
|
-
#
|
31161
|
+
# space-separated list of Regions that do replicate and send findings
|
31162
|
+
# to the home Region.
|
31165
31163
|
#
|
31166
31164
|
# An `InvalidInputException` error results if you populate this field
|
31167
31165
|
# while `RegionLinkingMode` is `NO_REGIONS`.
|
@@ -31182,7 +31180,8 @@ module Aws::SecurityHub
|
|
31182
31180
|
# @return [String]
|
31183
31181
|
#
|
31184
31182
|
# @!attribute [rw] finding_aggregation_region
|
31185
|
-
# The
|
31183
|
+
# The home Region. Findings generated in linked Regions are replicated
|
31184
|
+
# and sent to the home Region.
|
31186
31185
|
# @return [String]
|
31187
31186
|
#
|
31188
31187
|
# @!attribute [rw] region_linking_mode
|
@@ -31757,7 +31756,7 @@ module Aws::SecurityHub
|
|
31757
31756
|
# the security issue. Used when the initial reviewer is not the
|
31758
31757
|
# resource owner, and needs intervention from the resource owner.
|
31759
31758
|
#
|
31760
|
-
# * `SUPPRESSED` - Indicates that you reviewed the finding and
|
31759
|
+
# * `SUPPRESSED` - Indicates that you reviewed the finding and don't
|
31761
31760
|
# believe that any action is needed. The finding is no longer
|
31762
31761
|
# updated.
|
31763
31762
|
#
|
@@ -31801,7 +31800,7 @@ module Aws::SecurityHub
|
|
31801
31800
|
# * `RESOLVED` - The finding was reviewed and remediated and is now
|
31802
31801
|
# considered resolved.
|
31803
31802
|
#
|
31804
|
-
# * `SUPPRESSED` - Indicates that you reviewed the finding and
|
31803
|
+
# * `SUPPRESSED` - Indicates that you reviewed the finding and don't
|
31805
31804
|
# believe that any action is needed. The finding is no longer
|
31806
31805
|
# updated.
|
31807
31806
|
# @return [String]
|
data/lib/aws-sdk-securityhub.rb
CHANGED
@@ -11,6 +11,8 @@
|
|
11
11
|
require 'aws-sdk-core'
|
12
12
|
require 'aws-sigv4'
|
13
13
|
|
14
|
+
Aws::Plugins::GlobalConfiguration.add_identifier(:securityhub)
|
15
|
+
|
14
16
|
# This module provides support for AWS SecurityHub. This module is available in the
|
15
17
|
# `aws-sdk-securityhub` gem.
|
16
18
|
#
|
@@ -52,7 +54,7 @@ module Aws::SecurityHub
|
|
52
54
|
autoload :EndpointProvider, 'aws-sdk-securityhub/endpoint_provider'
|
53
55
|
autoload :Endpoints, 'aws-sdk-securityhub/endpoints'
|
54
56
|
|
55
|
-
GEM_VERSION = '1.
|
57
|
+
GEM_VERSION = '1.121.0'
|
56
58
|
|
57
59
|
end
|
58
60
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-securityhub
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.121.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-09-
|
11
|
+
date: 2024-09-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|